This will pull down CertBot and automatically install all required dependencies. It will also use DNS validation to prove domain ownership, I’ve found this to be the easiest option. Follow the on-screen prompts until “Please deploy a DNS TXT record under the name”.

I typically use GoDaddy for domain registration. If you are using GoDaddy, you can go to https://dcc.godaddy.com/manage/[DOMAIN]/dns to mange the DNS settings for your domain. Just add a TXT record with Host field populated with the name provided from CertBot, and the Value field populated with the random value provided by CertBot. Wait a little bit for the DNS records to propagate, and then press enter to continue. You should see a message like this:

The next step is to log in to your GoPhish server if you are not already on there. Go to the GoPhish directory (likely under /opt/gophish) and copy the files generated by LetsEncrypt. Go ahead and copy /etc/letsencrypt/live/[DOMIAN]/privkey.pem into a file like [DOMAIN].key and /etc/letsencrypt/live/[DOMAIN]/fullchain.pem into a file like [DOMAIN].crt. The next thing to do is change the config.json file. You want to modify the “phish _server” parameter to look similar to this: